RSA breached in APT attack; SecureID info stolen
RSA, the Security Division of EMC Corp., said Thursday that information related to its SecurID two-factor authentication products was stolen in an “extremely sophisticated cyberattack” against the company.
In an open letter to customers posted on the company’s website, Art Coviello, RSA executive chairman, said RSA recently detected the attack.
“Our investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat (APT). Our investigation also revealed that the attack resulted in certain information being extracted from RSA’s systems. Some of that information is specifically related to RSA’s SecurID two-factor authentication products,” he said.
APT is used to describe attacks in which organized intruders gain access to a network and often stay there undetected for a long period of time with the goal of stealing data.
The RSA open letter is available here
RSA two-factor authentication products are used by corporations, healthcare institutions and charities, banks and financial institutions, as well as by various levels of government .